Protocol Documentation#
flyteidl/service/admin.proto#
AdminService#
The following defines an RPC service that is also served over HTTP via grpc-gateway. Standard response codes for both are defined here: https://github.com/grpc-ecosystem/grpc-gateway/blob/master/runtime/errors.go
Method Name |
Request Type |
Response Type |
Description |
|---|---|---|---|
CreateTask |
Create and upload a Task definition |
||
GetTask |
Fetch a Task definition. |
||
ListTaskIds |
Fetch a list of NamedEntityIdentifier of task objects. |
||
ListTasks |
Fetch a list of Task definitions. |
||
CreateWorkflow |
Create and upload a Workflow definition |
||
GetWorkflow |
Fetch a Workflow definition. |
||
ListWorkflowIds |
Fetch a list of NamedEntityIdentifier of workflow objects. |
||
ListWorkflows |
Fetch a list of Workflow definitions. |
||
CreateLaunchPlan |
Create and upload a LaunchPlan definition |
||
GetLaunchPlan |
Fetch a LaunchPlan definition. |
||
GetActiveLaunchPlan |
Fetch the active version of a LaunchPlan. |
||
ListActiveLaunchPlans |
List active versions of LaunchPlan. |
||
ListLaunchPlanIds |
Fetch a list of NamedEntityIdentifier of launch plan objects. |
||
ListLaunchPlans |
Fetch a list of LaunchPlan definitions. |
||
UpdateLaunchPlan |
Updates the status of a registered LaunchPlan. |
||
CreateExecution |
Triggers the creation of a Execution |
||
RelaunchExecution |
Triggers the creation of an identical Execution |
||
RecoverExecution |
Recreates a previously-run workflow execution that will only start executing from the last known failure point. In Recover mode, users cannot change any input parameters or update the version of the execution. This is extremely useful to recover from system errors and byzantine faults like - Loss of K8s cluster, bugs in platform or instability, machine failures, downstream system failures (downstream services), or simply to recover executions that failed because of retry exhaustion and should complete if tried again. See ExecutionRecoverRequest for more details. |
||
GetExecution |
Fetches a Execution. |
||
UpdateExecution |
Update execution belonging to project domain Execution. |
||
GetExecutionData |
Fetches input and output data for a Execution. |
||
ListExecutions |
Fetch a list of Execution. |
||
TerminateExecution |
Terminates an in-progress Execution. |
||
GetNodeExecution |
Fetches a NodeExecution. |
||
ListNodeExecutions |
Fetch a list of NodeExecution. |
||
ListNodeExecutionsForTask |
Fetch a list of NodeExecution launched by the reference TaskExecution. |
||
GetNodeExecutionData |
Fetches input and output data for a NodeExecution. |
||
RegisterProject |
Registers a Project with the Flyte deployment. |
||
UpdateProject |
Updates an existing Project flyteidl.admin.Project should be passed but the domains property should be empty; it will be ignored in the handler as domains cannot be updated via this API. |
||
ListProjects |
Fetches a list of Project |
||
CreateWorkflowEvent |
Indicates a WorkflowExecutionEvent has occurred. |
||
CreateNodeEvent |
Indicates a NodeExecutionEvent has occurred. |
||
CreateTaskEvent |
Indicates a TaskExecutionEvent has occurred. |
||
GetTaskExecution |
Fetches a TaskExecution. |
||
ListTaskExecutions |
Fetches a list of TaskExecution. |
||
GetTaskExecutionData |
Fetches input and output data for a TaskExecution. |
||
UpdateProjectDomainAttributes |
Creates or updates custom MatchableAttributesConfiguration for a project and domain. |
||
GetProjectDomainAttributes |
Fetches custom MatchableAttributesConfiguration for a project and domain. |
||
DeleteProjectDomainAttributes |
Deletes custom MatchableAttributesConfiguration for a project and domain. |
||
UpdateWorkflowAttributes |
Creates or updates custom MatchableAttributesConfiguration for a project, domain and workflow. |
||
GetWorkflowAttributes |
Fetches custom MatchableAttributesConfiguration for a project, domain and workflow. |
||
DeleteWorkflowAttributes |
Deletes custom MatchableAttributesConfiguration for a project, domain and workflow. |
||
ListMatchableAttributes |
Lists custom MatchableAttributesConfiguration for a specific resource type. |
||
ListNamedEntities |
Returns a list of NamedEntity objects. |
||
GetNamedEntity |
Returns a NamedEntity object. |
||
UpdateNamedEntity |
Updates a NamedEntity object. |
||
GetVersion |
flyteidl/service/auth.proto#
OAuth2MetadataRequest#
OAuth2MetadataResponse#
OAuth2MetadataResponse defines an RFC-Compliant response for /.well-known/oauth-authorization-server metadata as defined in https://tools.ietf.org/html/rfc8414
Field |
Type |
Label |
Description |
|---|---|---|---|
issuer |
Defines the issuer string in all JWT tokens this server issues. The issuer can be admin itself or an external issuer. |
||
authorization_endpoint |
URL of the authorization server’s authorization endpoint [RFC6749]. This is REQUIRED unless no grant types are supported that use the authorization endpoint. |
||
token_endpoint |
URL of the authorization server’s token endpoint [RFC6749]. |
||
response_types_supported |
repeated |
Array containing a list of the OAuth 2.0 response_type values that this authorization server supports. |
|
scopes_supported |
repeated |
JSON array containing a list of the OAuth 2.0 [RFC6749] scope values that this authorization server supports. |
|
token_endpoint_auth_methods_supported |
repeated |
JSON array containing a list of client authentication methods supported by this token endpoint. |
|
jwks_uri |
URL of the authorization server’s JWK Set [JWK] document. The referenced document contains the signing key(s) the client uses to validate signatures from the authorization server. |
||
code_challenge_methods_supported |
repeated |
JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported by this authorization server. |
|
grant_types_supported |
repeated |
JSON array containing a list of the OAuth 2.0 grant type values that this authorization server supports. |
PublicClientAuthConfigRequest#
PublicClientAuthConfigResponse#
FlyteClientResponse encapsulates public information that flyte clients (CLIs… etc.) can use to authenticate users.
Field |
Type |
Label |
Description |
|---|---|---|---|
client_id |
client_id to use when initiating OAuth2 authorization requests. |
||
redirect_uri |
redirect uri to use when initiating OAuth2 authorization requests. |
||
scopes |
repeated |
scopes to request when initiating OAuth2 authorization requests. |
|
authorization_metadata_key |
Authorization Header to use when passing Access Tokens to the server. If not provided, the client should use the default http Authorization header. |
||
service_http_endpoint |
ServiceHttpEndpoint points to the http endpoint for the backend. If empty, clients can assume the endpoint used to configure the gRPC connection can be used for the http one respecting the insecure flag to choose between SSL or no SSL connections. |
AuthMetadataService#
The following defines an RPC service that is also served over HTTP via grpc-gateway. Standard response codes for both are defined here: https://github.com/grpc-ecosystem/grpc-gateway/blob/master/runtime/errors.go RPCs defined in this service must be anonymously accessible.
Method Name |
Request Type |
Response Type |
Description |
|---|---|---|---|
GetOAuth2Metadata |
Anonymously accessible. Retrieves local or external oauth authorization server metadata. |
||
GetPublicClientConfig |
Anonymously accessible. Retrieves the client information clients should use when initiating OAuth2 authorization requests. |
flyteidl/service/dataproxy.proto#
CreateDownloadLocationRequest#
CreateDownloadLocationRequest specified request for the CreateDownloadLocation API.
Field |
Type |
Label |
Description |
|---|---|---|---|
native_url |
NativeUrl specifies the url in the format of the configured storage provider (e.g. s3://my-bucket/randomstring/suffix.tar) |
||
expires_in |
ExpiresIn defines a requested expiration duration for the generated url. The request will be rejected if this exceeds the platform allowed max. +optional. The default value comes from a global config. |
CreateDownloadLocationResponse#
Field |
Type |
Label |
Description |
|---|---|---|---|
signed_url |
SignedUrl specifies the url to use to download content from (e.g. https://my-bucket.s3.amazonaws.com/randomstring/suffix.tar?X-…) |
||
expires_at |
ExpiresAt defines when will the signed URL expires. |
CreateUploadLocationRequest#
CreateUploadLocationRequest specified request for the CreateUploadLocation API.
Field |
Type |
Label |
Description |
|---|---|---|---|
project |
Project to create the upload location for +required |
||
domain |
Domain to create the upload location for. +required |
||
filename |
Filename specifies a desired suffix for the generated location. E.g. file.py or pre/fix/file.zip. +optional. By default, the service will generate a consistent name based on the provided parameters. |
||
expires_in |
ExpiresIn defines a requested expiration duration for the generated url. The request will be rejected if this exceeds the platform allowed max. +optional. The default value comes from a global config. |
||
content_md5 |
ContentMD5 restricts the upload location to the specific MD5 provided. The ContentMD5 will also appear in the generated path. +required |
CreateUploadLocationResponse#
Field |
Type |
Label |
Description |
|---|---|---|---|
signed_url |
SignedUrl specifies the url to use to upload content to (e.g. https://my-bucket.s3.amazonaws.com/randomstring/suffix.tar?X-…) |
||
native_url |
NativeUrl specifies the url in the format of the configured storage provider (e.g. s3://my-bucket/randomstring/suffix.tar) |
||
expires_at |
ExpiresAt defines when will the signed URL expires. |
DataProxyService#
DataProxyService defines an RPC Service that allows access to user-data in a controlled manner.
Method Name |
Request Type |
Response Type |
Description |
|---|---|---|---|
CreateUploadLocation |
CreateUploadLocation creates a signed url to upload artifacts to for a given project/domain. |
||
CreateDownloadLocation |
CreateDownloadLocation creates a signed url to download artifacts. |
flyteidl/service/identity.proto#
UserInfoRequest#
UserInfoResponse#
See the OpenID Connect spec at https://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse for more information.
Field |
Type |
Label |
Description |
|---|---|---|---|
subject |
Locally unique and never reassigned identifier within the Issuer for the End-User, which is intended to be consumed by the Client. |
||
name |
Full name |
||
preferred_username |
Shorthand name by which the End-User wishes to be referred to |
||
given_name |
Given name(s) or first name(s) |
||
family_name |
Surname(s) or last name(s) |
||
Preferred e-mail address |
|||
picture |
Profile picture URL |
IdentityService#
IdentityService defines an RPC Service that interacts with user/app identities.
Method Name |
Request Type |
Response Type |
Description |
|---|---|---|---|
UserInfo |
Retrieves user information about the currently logged in user. |